Using a security advisory plugin and a pre-commit hook
In this section, we will explore security advisory plugins and how they help in detecting vulnerabilities during the development phase itself rather than at build time. This makes it easier for the developer to see the vulnerabilities and fix them using the plugin's recommendations. There are many security advisory plugins on the market that detect vulnerabilities while you write code in your IDE, and many organizations have their own vendor preferences. I have found the Nexus IQ plugin quite powerful, and it supports major IDEs such as IntelliJ, VS Code, and Eclipse. In this chapter, we will explore the Snyk vulnerability scanner, which scans your code as well as your open source dependencies. Perform the following task on your local machine, where your IDE is installed. The following steps were performed in VS Code, but the Snyk vulnerability scanner is also available for the other major IDEs:
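The IDE plugin catches vulnerable dependencies while you type; the pre-commit hook named in this section's title is the safety net for anything that slips past it. The following hook is an added example, not the book's own code: it assumes the Snyk CLI is installed and authenticated so that `snyk test` can be run, and it keeps the scanner command in a `SCAN_CMD` variable so another dependency scanner can be substituted. It fails closed, refusing the commit when the scanner is missing or reports findings above the chosen severity.

```shell
#!/bin/sh
# Added example: a git pre-commit hook (install as .git/hooks/pre-commit and
# make it executable) that runs a dependency vulnerability scan before a
# commit is accepted. Assumes the Snyk CLI is installed; the command lives in
# SCAN_CMD so it can be replaced by a different scanner.
SCAN_CMD="${SCAN_CMD:-snyk test --severity-threshold=high}"

# run_scan_gate runs the scanner and returns 0 when the commit may proceed
# and 1 when it must be blocked. A scanner that cannot be found is treated as
# a block (fail closed), so a broken toolchain cannot silently skip the check.
run_scan_gate() {
    tool=${SCAN_CMD%% *}
    if ! command -v "$tool" >/dev/null 2>&1; then
        echo "pre-commit: scanner '$tool' not found; refusing commit" >&2
        return 1
    fi
    if sh -c "$SCAN_CMD"; then
        return 0
    fi
    echo "pre-commit: vulnerable dependencies reported by '$SCAN_CMD'; fix them before committing" >&2
    return 1
}

# Gate the commit only when git executes this file as the pre-commit hook,
# so the function above can be sourced and exercised on its own.
if [ "${0##*/}" = "pre-commit" ]; then
    run_scan_gate || exit 1
fi
```

Because the hook lives in `.git/hooks`, it is not versioned with the repository; commit it under a directory such as `hooks/` and point `core.hooksPath` at it so every clone enforces the same check.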
-
...